miguelquebrado

Graph-Based Malware Detection Using Machine Learning

Master's Thesis — Boise State University

Overview

My master's thesis explores how graph representations of program behavior can detect malware patterns that traditional signature-based approaches miss. By modeling system activity as graphs and extracting structural features, machine learning models can classify behavior as malicious or benign.

Key Techniques Used

  • Graph-based behavioral modeling
  • Feature extraction from graph topology
  • XGBoost classification
  • Python data pipelines
  • Behavioral malware analysis

Architecture Concept

Program Execution → Behavioral Graph Construction → Feature Extraction → Machine Learning Model → Malware Classification

Results

Graph structural relationships between behaviors provided signals that improved detection performance compared to traditional feature approaches. The research demonstrated that modeling program behavior as interconnected graphs captures patterns that flat feature vectors miss.
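
The point above, and the graph construction and feature extraction stages of the architecture, as an added Python example that is not code from the thesis. The event triples, node names and the five topology features are assumptions chosen for illustration; the thesis's actual graph schema and feature set are not given on this page.

```python
from collections import Counter

# Constructed traces of (source, action, target) events. Both use the same
# nodes and the same actions the same number of times; only the wiring differs.
TRACE_CHAIN = [  # activity handed from process to process
    ("proc:a", "spawn", "proc:b"),
    ("proc:b", "write", "file:x"),
    ("proc:b", "spawn", "proc:c"),
    ("proc:c", "connect", "net:198.51.100.7"),
]
TRACE_STAR = [  # one process performs every action itself
    ("proc:a", "spawn", "proc:b"),
    ("proc:a", "write", "file:x"),
    ("proc:a", "spawn", "proc:c"),
    ("proc:a", "connect", "net:198.51.100.7"),
]

def flat_features(trace):
    """Flat baseline: how often each action occurs, ignoring who did what."""
    return dict(Counter(action for _, action, _ in trace))

def build_graph(trace):
    """Directed behavior graph as adjacency sets: node -> successor nodes."""
    graph = {}
    for src, _, dst in trace:
        graph.setdefault(src, set()).add(dst)
        graph.setdefault(dst, set())  # keep sink nodes in the graph
    return graph

def longest_path(graph, node, on_path=frozenset()):
    """Edges on the longest simple path from node (safe on cyclic traces)."""
    on_path = on_path | {node}
    return max((1 + longest_path(graph, nxt, on_path)
                for nxt in graph[node] if nxt not in on_path), default=0)

def graph_features(trace):
    """Topology features; one such dict is one row for a classifier."""
    graph = build_graph(trace)
    n, edges = len(graph), sum(len(s) for s in graph.values())
    return {
        "nodes": n,
        "edges": edges,
        "density": edges / (n * (n - 1)) if n > 1 else 0.0,
        "max_out_degree": max((len(s) for s in graph.values()), default=0),
        "depth": max((longest_path(graph, v) for v in graph), default=0),
    }

if __name__ == "__main__":
    for name, trace in (("chain", TRACE_CHAIN), ("star", TRACE_STAR)):
        print(name, flat_features(trace), graph_features(trace))
```

The two traces produce identical flat feature vectors, while `depth` and `max_out_degree` separate them. The longest-path search is exponential in the worst case, so it suits small graphs like these.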

How This Research Influences My Engineering

This research continues to influence how I think about system design and data modeling. I often approach complex systems as networks of relationships, which helps when designing scalable backend services, analytics pipelines, and machine learning systems. The graph-based thinking translates directly to architecting distributed systems, understanding data dependencies, and optimizing performance bottlenecks.
